Sunday, January 28, 2007

Incident: Homicide, Kenya

Word on the street is a senior staff member of a large international NGO was killed in Nairobi during a robbery. More information as details are made public. This incident follows the deaths of two Americans, the wife and mother-in-law of a US embassy employee, following a carjacking in Nairobi several days ago. (More details on this incident here.)

1/29/07 Update - CARE announced regional director Geoffrey Chege, a 25-year veteran of the organization, was killed during an attempted carjacking. Condolences to family, friends and colleagues.

Saturday, January 27, 2007

More Darfur...

Although reported on earlier in this blog, this week Action Contre La Faim (Action Against Hunger) confirmed an international staff member was raped and several others were sexually assaulted during a December incident in Gereida. Additional information on past assault incidents and some supposed reasons why this hasn't been more widely reported is included. Does your organization stock HIV/AIDS PEP (Post Exposure Protection) kits and have policies and procedures in place for their use?

Reuters has a good summary article on the current levels of insecurity in Sudan entitled, Attacks on aid groups cripple Darfur relief.

Darfur is an interesting case study from a high-level, security management standpoint. I know of at least one large NGO that was advised to suspend operations in Darfur due to insecurity, but continues its programs mostly because senior management believes the public relations benefits outweigh the staff exposure to risk.

In my opinion, most humanitarian organizations don't do a very good job of clearly establishing and articulating acceptable levels of risk to staff. It would be useful for senior management to brush up on some basic economic theory in cost/benefit ratios, especially as it applies to staff members.

What are we willing to risk to achieve our mission? Is the death or rape of a staff member simply the cost of doing business? Is one death OK, but will two cause us to suspend operations? Is the humanitarian work we are performing really making a difference compared to the level of personal risk staff is experiencing? Very hard questions, that are all too infrequently asked.

Incident: Arrests/assaults, Darfur

Local police and security officials raided an international non-governmental organization compound in Nyala and arrested 20 people, including five United Nations staff members, staff of the African Union Mission in Sudan and NGO personnel. Several of those arrested sustained during their detention serious injuries which required treatment at the United Nations clinic. All personnel were subsequently released. More here and here.

Chad: Aid agencies still on war footing as insecurity continues

Wednesday, January 17, 2007

UN warns Darfur's aid operation may collapse

"UN agencies issued an unprecedented joint appeal on Wednesday calling for an end to the violence in Darfur, where widespread attacks and insecurity threaten to collapse the world's largest aid operation." More here and here.

Tuesday, January 16, 2007

NGO Security PowerPoints and Training Thoughts

I just uploaded ten safety and security management PowerPoint files to this blog's companion Web site. The presentations are based on standard humanitarian security practices, with a few additions, and are organized by subject. Feel free to download, use and modify (the formatting is simple and the content is all text and bulleted lists, so you can add your own logos, digital photos and clip art to pretty things up). Perfect for smaller organizations that want to provide internal staff training but don't know where to start or for experienced security practitioners who are looking for some basic PowerPoint presentations they can customize.

I've successfully used these files in different classes over the years, but I've recently changed my way of thinking about security training and am moving away from overwhelming students with too much information (some irrelevant for their context, a lot that they end up forgetting). I now believe it is important to teach people the more generalized skill of making good decisions under stress and then teach them how to perform a small core of key, job-related tasks very, very well. To me, this is a more effective training approach in preparing people to deal with the realities of the field (or headquarters).

Monday, January 15, 2007

More Bird Flu

Cases of Avian flu in Asia are on the rise with a bird flu hospital in Jakarta overwhelmed with patients exhibiting symptoms and Thailand experiencing its first outbreak among birds in the last six months. Recent cases in China, Vietnam, Hong Kong and possibly Japan have also prompted concern that the seasonal resurgence could spread outside the region as in past years - following a path to the Middle East, then Europe and Africa. (One of the best resources for tracking the latest information on Avian flu throughout the world is the Flu Wiki's News section.)

Saturday, January 13, 2007

Incident: Avian flu (fatalities), Indonesia

Reuters is reporting two Indonesian women have died of avian flu, taking the overall human death toll from the disease in the country to 61 (three fatalities within the past week, with several people currently being treated).

Incident: Ambush (fatality), Sudan

A national staff WFP driver was shot and killed during an ambush near Juba, southern Sudan. An employee of the German development organization GTZ was also wounded in the attack. Condolences to family, friends and colleagues.

The Janjaweed's new clothes

Article on how the Janjaweed in Darfur are changing their appearance by dressing like soldiers to better blend in. A good example of the importance of frequent reassessment to determine if threats may have changed - in this case a threat that's still present, but looks different.

Wednesday, January 10, 2007

WikiLeaks

WikiLeaks is a new transparency project that promotes leaking information in a Wiki-style format. The goal is to collect anonymously leaked documents and information, show it to the world, and then let people comment and analyze. While the primary targets are governments and corporations, if this effort is successful, I wouldn't be surprised to see an internal document or two from various humanitarian organizations show up - likely from NGOs with high staff turnover rates, even higher levels of frustration, and less than competent management.

Many people don't get the power of the Internet when it comes to information and achieving "real" transparency - which is much more than a nice sounding buzzword used for marketing and public relations purposes. There are other popular disclosure sites such Cryptome and The Memory Hole, but WikiLeaks is the first to take a very active and collaborative approach. It will be interesting to watch its debut in the coming months.

Incident: Shooting (fatality), Iraq

Friday, January 05, 2007

Aid workers beaten, raped in Darfur

More details are coming to light on the evacuations in Gereida, Sudan last month. Following an article in the French newspaper Le Monde, an Action Against Hunger spokesperson said the staff suffered "beatings, blows from rifle butts, robbery, assault and at least one rape." These incidents as well as mock executions, gunfire directed at buildings, and vehicles being stripped prompted the evacuations. It is unclear if the ACF personnel involved were national or international staff. This marks the second large scale security incident that's impacted ACF in the past six months - the first being the murder of 17 staff members in Sri Lanka in August.

Full Le Monde article in French here, also a rudimentary English translation (thanks to Google).

Readers who have additional information on the Gereida incident are encouraged to comment (anonymously if appropriate).

US PMC contractors and the law

Up until now, US PMC (private military company) contractors have had a tremendous amount of latitude in how they conduct operations - sometimes with little or no accountability for their actions. This is all about to change dramatically, due to a small bit of wording inserted into the 2007 Pentagon budget that states contractors will now be subject to the Uniform Code of Military Justice that applies to all members of the US armed services. P.W. Singer has an analysis here, along with a number of very interesting reader comments.

Thursday, January 04, 2007

10 Steps to Creating Your Own IT Security Audit

A tool missing from many humanitarian security practitioners' toolbox is experience in handling information security. Usually this area is left to an organization's IT staff, which is often too busy handling day-to-day system administration duties or doesn't have much depth when it comes to security (this can especially be true in smaller field offices).

While information security does tend to have more technical elements than most aspects of NGO security (which can be a little intimidating to some people), the basics are grounded in common sense.

Here's a good article that lists 10 steps for performing your own IT security audit. It's fairly easy to read and and provides the fundamental questions to ask if you ever need to perform an IT-related security assessment. From doing computer security work for a number of years before becoming involved with the humanitarian community, I give the authors two thumbs up for covering most of the basics in a concise and easy to understand way.

Wednesday, January 03, 2007

Journal of International Peace Operations

The January/February 2007 issue of the Journal of International Peace Operations is out - free, PDF format. Targeted toward PMCs (Private Military Companies) and their employees, this magazine helps you better understand their context and perspectives. (The current issue has an article by Jean Renouf calling for dialog between PMCs and humanitarian organizations.)

Foreigners advised to leave Gaza

"Palestinian security officials have advised foreign nationals to leave Gaza due to kidnap threats two days after Jaime Razuri, a photographer, was snatched by unknown armed men.

Security officials said they have advised American and European nationals to leave because of a threat of further abductions.

Another security source said that the advice was in part directed at expatriate employees of UNRWA, the UN relief agency for Palestinian refugees. But UNRWA said it had no plans to withdraw its foreign nationals." More here.

Oil firm risked hostages' lives

Tuesday, January 02, 2007

Peter Sandman and Risk

One often overlooked aspect of NGO safety and security is risk communication. Risk communication is the art of helping people understand actual versus perceived risk. One of the top people in this field is Peter Sandman. For a number of decades Sandman has been helping clients better explain and present risk. His Web site contains a tremendous amount of valuable information and is a must read for any humanitarian security practitioner (or manager who ends up serving as a spokesperson during a crisis).

One of Sandman's basic premises is Risk = Hazard + Outrage. I'll take the liberty of quoting him on how this differs from the more traditional Risk = Impact x Probability.

Risk assessors in various fields — from health and safety to insurance to business continuity — always end up with some variation of the“impact times probability” formula. Instead of “impact,” other formulations say “magnitude” or “consequence”; instead of “probability,” they sometimes say “frequency.” But everyone agrees that the technical and financial calculation of risk (as opposed to the cultural or psychological calculation) means multiplying two factors: how bad it is and how likely it is.

As you know, this is easier said than done. Measuring probability is a methodological can of worms, especially for awful things that have never happened. (How do you even list all the awful things that have never happened, much less calculate their probability?) Even for chronic risks, there is often very high uncertainty surrounding a probability estimate — consider, for example, the probability that low-level emissions of dimethylmeatloaf contribute to the incidence of birth defects. But at least we know exactly what we’re trying to measure. Measuring risk magnitude (“impact” in your terms) is a conceptual and moral can of worms. What is the relative magnitude of the death of a human versus the extinction of an animal species? The death of a healthy child versus the death of a virtuoso violinist versus the death of a terrorist versus the death of an Alzheimer’s patient?

Nor is there universal agreement that risk magnitude and risk probability deserve equal weighting, as the formula suggests. Most people intuitively think that really horrific outcomes (the end of life on earth, say) are unacceptable even if they have commensurately low probabilities. We prefer a lower-magnitude higher-probability risk, even though the magnitude-times-probability product is the same. But at the other end of the distribution, we are also profoundly uncomfortable with sacrificial lambs: If we just let them kill this one person, the odds of a good outcome will improve markedly for the rest of us.

Even when both magnitude and probability are well-established, people have very different responses to mathematically equivalent risks. Some of this is attributable to perceptual heuristics — some risks are more vivid and emotionally resonant than others, for example. But some of it is real judgment that risks deserve to be assessed by more standards than just their magnitude and probability. Most people know that they are likelier to die in a fatal car accident than in a terrorist attack. Most people know that a million dollars spent on highway safety will reduce mortality more than a million dollars spent on homeland security. But compared to highway safety, terrorism isn’t just more vivid, more emotionally resonant, less familiar, more dreaded, and the rest. It is also more important — morally, politically, culturally. We are willing to spend more on it per life saved.

All these complexities, discontinuities, and inconsistencies are the venue of what I usually call outrage. In my “Risk = Hazard + Outrage” formula, my “hazard” is what you mean by “risk” — that is, magnitude times probability. “Outrage” is all the other considerations that make us assess some risks differently than others, including the considerations that make us right to do so. When I first coined the formula, I was working mostly on environmental controversies, and “outrage” nicely captured the mix of anger, righteous indignation, and worry that people felt about industrial pollution. It isn’t really the right word for some other sorts of risks. The same “outrage factors” explain why people are more attentive to West Nile Virus than to flu, notwithstanding the fact that flu is by far the bigger risk technically. But people are more fearful than angry about West Nile Virus. It feels off to call it “outrage.” Years ago, Sheldon Krimsky and Alonzo Plough wrote about “technical rationality” versus “cultural rationality.” That captures the distinction in a more universal way than “hazard" versus “outrage.” I tend to stick to my own formulation; it’s shorter and it’s mine.

Communication Gaps

Mobile phone and radio communications can be an important part of an organization's safety and security plan. If someone gets in trouble or needs assistance, a phone call or radio transmission can be part of the first steps in resolving the problem. All too often though, many humanitarian workers and managers aren't fully aware of gaps that exist in their communications systems. "Dead spots" or "black spots" are fairly common in mobile phone and radio systems. These are places where for one reason or another, incoming, outgoing or both types of communication, may be limited or non-existent (for example, here's a UN map of black spots in Kenya). Needless to say, it's good practice to identify coverage gaps in your operating area and make all staff aware of them.